CVE-2018-7301

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.1290%

EPSS Percentile6.75th

Published2018年2月22日

Last Modified2024年11月21日

Vulnerability Description

eQ-3 AG HomeMatic CCU2 2.29.22 devices have an open XML-RPC port without authentication. This can be exploited by sending arbitrary XML-RPC requests to control the attached BidCos devices.

Affected Platforms (CPE)

💻

Eq 3

Homematic Central Control Unit Ccu2 Firmware

= 2.29.22

References & Advisories

🔗 http://atomic111.github.io/article/homematic-ccu2-xml-rpc

相关漏洞威胁

CVE-2018-1071810.0

Stack-based buffer overflow in Activision Infinity Ward Call of Duty Modern Warfare 2 before 2018-04-26 allows remote attackers to...

CVE-2018-022210.0

A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to log in to an...

CVE-2018-010110.0

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could ...

CVE-2018-026810.0

A vulnerability in the container management subsystem of Cisco Digital Network Architecture (DNA) Center could allow an unauthenti...